change WebhookAuthenticator TLSConnectionNegotiationValid to ConnectionProbeValid

2026-05-01 21:36:00 +00:00 · 2024-03-19 18:00:40 -04:00
parent 5bc4e678bf
commit bec5fe85cc
3 changed files with 44 additions and 44 deletions
--- a/internal/controller/authenticator/webhookcachefiller/webhookcachefiller.go
+++ b/internal/controller/authenticator/webhookcachefiller/webhookcachefiller.go
@@ -39,24 +39,24 @@ import (
 )

 const (
-	controllerName                    = "webhookcachefiller-controller"
-	typeReady                         = "Ready"
-	typeTLSConfigurationValid         = "TLSConfigurationValid"
-	typeTLSConnectionNegotiationValid = "TLSConnectionNegotiationValid"
-	typeEndpointURLValid              = "EndpointURLValid"
-	typeAuthenticatorValid            = "AuthenticatorValid"
-	reasonSuccess                     = "Success"
-	reasonNotReady                    = "NotReady"
-	reasonUnableToValidate            = "UnableToValidate"
-	reasonUnableToCreateTempFile      = "UnableToCreateTempFile"
-	reasonUnableToMarshallKubeconfig  = "UnableToMarshallKubeconfig"
-	reasonUnableToLoadKubeconfig      = "UnableToLoadKubeconfig"
-	reasonUnableToInstantiateWebhook  = "UnableToInstantiateWebhook"
-	reasonInvalidTLSConfiguration     = "InvalidTLSConfiguration"
-	reasonInvalidEndpointURL          = "InvalidEndpointURL"
-	reasonInvalidEndpointURLScheme    = "InvalidEndpointURLScheme"
-	reasonUnableToDialServer          = "UnableToDialServer"
-	msgUnableToValidate               = "unable to validate; see other conditions for details"
+	controllerName                   = "webhookcachefiller-controller"
+	typeReady                        = "Ready"
+	typeTLSConfigurationValid        = "TLSConfigurationValid"
+	typeConnectionProbeValid         = "ConnectionProbeValid"
+	typeEndpointURLValid             = "EndpointURLValid"
+	typeAuthenticatorValid           = "AuthenticatorValid"
+	reasonSuccess                    = "Success"
+	reasonNotReady                   = "NotReady"
+	reasonUnableToValidate           = "UnableToValidate"
+	reasonUnableToCreateTempFile     = "UnableToCreateTempFile"
+	reasonUnableToMarshallKubeconfig = "UnableToMarshallKubeconfig"
+	reasonUnableToLoadKubeconfig     = "UnableToLoadKubeconfig"
+	reasonUnableToInstantiateWebhook = "UnableToInstantiateWebhook"
+	reasonInvalidTLSConfiguration    = "InvalidTLSConfiguration"
+	reasonInvalidEndpointURL         = "InvalidEndpointURL"
+	reasonInvalidEndpointURLScheme   = "InvalidEndpointURLScheme"
+	reasonUnableToDialServer         = "UnableToDialServer"
+	msgUnableToValidate              = "unable to validate; see other conditions for details"
 )

 // New instantiates a new controllerlib.Controller which will populate the provided authncache.Cache.
@@ -274,7 +274,7 @@ func newWebhookAuthenticator(
 func (c *webhookCacheFillerController) validateTLSNegotiation(certPool *x509.CertPool, endpointURL *url.URL, conditions []*metav1.Condition, prereqOk bool) ([]*metav1.Condition, error) {
 	if !prereqOk {
 		conditions = append(conditions, &metav1.Condition{
-			Type:    typeTLSConnectionNegotiationValid,
+			Type:    typeConnectionProbeValid,
 			Status:  metav1.ConditionUnknown,
 			Reason:  reasonUnableToValidate,
 			Message: msgUnableToValidate,
@@ -300,7 +300,7 @@ func (c *webhookCacheFillerController) validateTLSNegotiation(certPool *x509.Cer
 		errText := "cannot dial server"
 		msg := fmt.Sprintf("%s: %s", errText, dialErr.Error())
 		conditions = append(conditions, &metav1.Condition{
-			Type:    typeTLSConnectionNegotiationValid,
+			Type:    typeConnectionProbeValid,
 			Status:  metav1.ConditionFalse,
 			Reason:  reasonUnableToDialServer,
 			Message: msg,
@@ -315,7 +315,7 @@ func (c *webhookCacheFillerController) validateTLSNegotiation(certPool *x509.Cer
 	}

 	conditions = append(conditions, &metav1.Condition{
-		Type:    typeTLSConnectionNegotiationValid,
+		Type:    typeConnectionProbeValid,
 		Status:  metav1.ConditionTrue,
 		Reason:  reasonSuccess,
 		Message: "tls verified",